Robust Optimization of IT Security Safeguards Using Standard Security Data

  • Conference paper

Part of the book series: Operations Research Proceedings (ORP)

Abstract

Finding an appropriate IT security strategy by implementing the right security safeguards is a challenging task. Many organizations try to address this problem by obtaining an IT security certificate from a recognized standards organization. However, in many cases the requirements of a standard are too extensive to be implemented, particularly by smaller organizations. But the knowledge contained in a security standard may still be used to improve security. Organizations that have an interest in security but not in a certificate face the challenge of utilizing this knowledge and selecting appropriate safeguards from the given standard. To solve this problem, a new robust optimization model to determine an optimal safeguard configuration is proposed. By incorporating multiple threat scenarios, the solutions obtained are robust against uncertain security threats.

Acknowledgements

This work was partially supported by the Horst Görtz Foundation.

Author information

Corresponding author

Correspondence to Andreas Schilling.

Copyright information

© 2017 Springer International Publishing Switzerland

About this paper

Cite this paper

Schilling, A. (2017). Robust Optimization of IT Security Safeguards Using Standard Security Data. In: Dörner, K., Ljubic, I., Pflug, G., Tragler, G. (eds) Operations Research Proceedings 2015. Operations Research Proceedings. Springer, Cham. https://doi.org/10.1007/978-3-319-42902-1_45
